Supplier shall develop security policies and procedures as provided
in Sections 10.3 (Safety Procedures), 10.4 (Security Procedures), and 11 (Data Backup and Disaster Plan) and as required pursuant to Section 2 (Security) of Exhibit A.2 (Cross Functional Services) designed to protect Gap against the
destruction, loss, or alteration of Gap Data which shall be no less rigorous than those maintained by Supplier for its own data and shall incorporate Gaps existing policies. Notwithstanding anything in this Agreement to the contrary, provided
Supplier has performed its back-up responsibilities for Gap Data as described in Section 11.1 (Data Backup), Suppliers sole obligation shall be to restore such data or information to the most recently available electronic back-up copy.